Report - justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi

Report Overview

Submitted URL
justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi
IP
146.59.111.145
ASN
#16276 OVH SAS
Submitted
2023-02-05 19:07:43
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
justpaste.it	219317	2014-08-11T20:57:47Z	2023-03-13T05:14:09Z	5.7 kB	140 kB	146.59.111.145
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	1.2 kB	24 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.164.186.39
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	54 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-05 19:08:14	low	Client IP	Internal IP	ET INFO Observed DNS Query to Pastebin-style Service (justpaste .it)
2023-02-05 19:08:14	low	Client IP	Internal IP	ET INFO Observed DNS Query to Pastebin-style Service (justpaste .it)
2023-02-05 19:08:15	low	Client IP	146.59.111.145	ET INFO Observed Pastebin-style Service Domain (justpaste .it) in TLS SNI

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	justpaste.it/build/linkRedirect.ccbf3d4f.js	1.3 kB	2023-03-13	2023-03-14
Pretty URL justpaste.it/build/linkRedirect.ccbf3d4f.js IP 146.59.111.145 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:54 Last Seen2023-03-14 04:36:16 Times Seen1 Hash a1b783b805747811cf4d8733953c9160 1651ac773c9fcd32826f2ac02e313dd6a1b23e01 01233eebe00fe631d082bc300307dd783f3c10c01ee917a141d8625792b20daf Loading...

	justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi	694 B	2023-03-07	2024-04-25
Pretty URL justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi IP 146.59.111.145 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:21 Last Seen2024-04-25 23:33:53 Times Seen123 Hash b7f89fd8ee1e26d05fa96ef741dbf1cf c2d99165f3f74b302c09d53652fc1eebea412e27 1aa7523980fee7d60c7f775e65cbb5e78d1953ea436b7dcaef7606937418e35c Loading...

	justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi	92 B	2023-03-11	2023-03-29
Pretty URL justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi IP 146.59.111.145 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:38:51 Last Seen2023-03-29 23:05:14 Times Seen23 Hash 47de3f93b9b4a9435ae45f2444e512a0 962f5cd8e732437aea50215c056eb648c142bc72 ab671ef738b8707b889a9761f87d8aacb60ad828e84abc551d97e81e67a3511d Loading...

	justpaste.it/build/runtime.916dd5c0.js	2.2 kB	2023-03-07	2023-04-25
Pretty URL justpaste.it/build/runtime.916dd5c0.js IP 146.59.111.145 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:21 Last Seen2023-04-25 21:58:21 Times Seen38 Hash baea3a1058c1239f71eb6318bbee4369 888405ed5a73dddd1595453f028aeb860876d770 a287bed883aa08552ed3a4fbd423a156088393f4bb9d5aef9151ab10ea615507 Loading...

	justpaste.it/build/3935.56b43c79.js	200 kB	2023-03-09	2023-03-29
Pretty URL justpaste.it/build/3935.56b43c79.js IP 146.59.111.145 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:43:29 Last Seen2023-03-29 23:05:14 Times Seen27 Hash 4596b87c25e2c6c763f354bb72338b23 39669c58d672c96934c256eaa9da221c2562ae82 d8a1efcfa91ff71899f80b04dbff695746704a61b65fe14766cb9b4794f6c607 Loading...

	justpaste.it/build/2956.2bf36cb8.js	56 kB	2023-03-13	2023-03-13
Pretty URL justpaste.it/build/2956.2bf36cb8.js IP 146.59.111.145 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:54 Last Seen2023-03-13 22:09:10 Times Seen1 Hash 568a6390fdde727c9ac81fa1de569feb 3a3cd5a8b9a4482868bd394b152357a4c39e04af 9c5c57546230bf8e1c5cde637ae5eebc94a7f8be2712fa5a636a40aa70695313 Loading...

	justpaste.it/build/mainpanelwidget.33cbb098.js	16 kB	2023-03-13	2023-03-14
Pretty URL justpaste.it/build/mainpanelwidget.33cbb098.js IP 146.59.111.145 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:54 Last Seen2023-03-14 08:32:03 Times Seen1 Hash 95f04b74a6ea6235fecbff3e9a57c8e0 dd129f6fb8d0f934aaf14b18eba58f9e0527e31b 87a296cbe328a5cf9433a39b678bbc3af026a67eb61cdfc5dabfe9a74db6012c Loading...

HTTP Transactions (31)

	URL	IP	Response	Size
	justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi	146.59.111.145	301 Moved Permanently	162 B
URL HTTP/1.1 justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi IP 146.59.111.145:0 ASN #16276 OVH SAS File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET /redirect/46x50/https:/xpshort.com/cjdGtmi HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 05 Feb 2023 19:07:33 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 507011ccb9124dcd57e84a90a0965cc4 1a6575d0ac979c7184490cc9836ac4812ad2afd1 01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE" Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20821 Expires: Mon, 06 Feb 2023 00:54:34 GMT Date: Sun, 05 Feb 2023 19:07:33 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66" Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4646 Expires: Sun, 05 Feb 2023 20:24:59 GMT Date: Sun, 05 Feb 2023 19:07:33 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 05 Feb 2023 18:33:56 GMT content-type: application/json age: 2017 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64" Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12246 Expires: Sun, 05 Feb 2023 22:31:39 GMT Date: Sun, 05 Feb 2023 19:07:33 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: LcDku87JRiZ+I+UpskSSKNMzk4+qr5E1Qn0NNLNmGZQiAdSrTRtQ2jCwOIn0BZ+5PY8MFGr+fDo= x-amz-request-id: JSFNYYCQC19MTFR2 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 05 Feb 2023 18:53:24 GMT age: 849 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	justpaste.it/static/img/jp_logo_v3.svg	146.59.111.145	200 OK	9.8 kB
URL HTTP/2 justpaste.it/static/img/jp_logo_v3.svg IP 146.59.111.145:0 ASN #16276 OVH SAS File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (5152) Size 9.8 kB (9835 bytes) Hash e3101c258b56ad09ba5544ecf76fcbb3 74a0de9d86198ede692dfb550d78be55da8a6484 132a181dd617fe260c9d1a6ca7602b04e5466d705cf9b2571fc41ad248958d7b HTTP Headers `GET /static/img/jp_logo_v3.svg HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: image/svg+xml content-length: 9835 last-modified: Fri, 13 Aug 2021 23:10:49 GMT etag: "6116fbf9-266b" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	justpaste.it/apple-touch-icon.png	146.59.111.145	200 OK	2.8 kB
URL HTTP/2 justpaste.it/apple-touch-icon.png IP 146.59.111.145:0 ASN #16276 OVH SAS File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data Size 2.8 kB (2750 bytes) Hash 79dd48921ed8ec4bb9472a909a5c1ef5 a9bcbe1543dad185f78e199ed38c07375c215b6a c69770c432668292e20fd4357ffced505a68dfb750cdad9f11415f04bec18516 HTTP Headers `GET /apple-touch-icon.png HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:34 GMT content-type: image/png content-length: 2750 last-modified: Mon, 06 Sep 2021 18:10:32 GMT etag: "61365998-abe" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	justpaste.it/favicon.svg	146.59.111.145	200 OK	1.3 kB
URL HTTP/2 justpaste.it/favicon.svg IP 146.59.111.145:0 ASN #16276 OVH SAS File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1283), with no line terminators Size 1.3 kB (1283 bytes) Hash c471eb0bb65b4c41e59f9ba3e99a4475 cb2accfb6a2edb7c37463d9eb89fe94d456b3a06 4ad085f5ca6a91b8b80f1e21f6be735f8ae75fd52df1add299ef79ad2b1ca4ec HTTP Headers `GET /favicon.svg HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:34 GMT content-type: image/svg+xml content-length: 1283 last-modified: Mon, 06 Sep 2021 13:53:34 GMT etag: "61361d5e-503" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 05 Feb 2023 19:07:20 GMT age: 14 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	justpaste.it/build/fonts/bootstrap-icons.b2e5aab6.woff2	146.59.111.145	200 OK	121 kB
URL HTTP/2 justpaste.it/build/fonts/bootstrap-icons.b2e5aab6.woff2 IP 146.59.111.145:0 ASN #16276 OVH SAS File type Web Open Font Format (Version 2), TrueType, length 121296, version 1.0\012- data Size 121 kB (121296 bytes) Hash 7f477633ddd12f84284654f2a2e89b8a 17dad0776899ad1beadabd061c34e2a22b2cde74 966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599 HTTP Headers `GET /build/fonts/bootstrap-icons.b2e5aab6.woff2 HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Referer: https://justpaste.it/build/6594.83d6202c.css Connection: keep-alive Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:34 GMT content-type: font/woff2 content-length: 121296 last-modified: Wed, 16 Nov 2022 16:31:11 GMT etag: "6375104f-1d9d0" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698" Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14655 Expires: Sun, 05 Feb 2023 23:11:49 GMT Date: Sun, 05 Feb 2023 19:07:34 GMT Connection: keep-alive`

	push.services.mozilla.com/	35.164.186.39	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.164.186.39:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 8r9ZqNBKeeTIfIoqt/3ZUA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: sYlqvPgy+S2PcqYfR42WWx/w/Yk=`

	firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675609035397%22	35.241.9.150	200 OK	21 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675609035397%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (20973), with no line terminators Size 21 kB (20973 bytes) Hash c3cc462f5591edbb198922612d8f88a6 e1abf295342ed35a0ec49946896ee0dbdf3a1cb0 1c18ae964b1c539af729badddea52961f5835d804ca8983783312150a794328c HTTP Headers `GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675609035397%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 20973 via: 1.1 google date: Sun, 05 Feb 2023 19:02:22 GMT age: 312 last-modified: Sun, 05 Feb 2023 14:57:15 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6726 Expires: Sun, 05 Feb 2023 20:59:41 GMT Date: Sun, 05 Feb 2023 19:07:35 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6726 Expires: Sun, 05 Feb 2023 20:59:41 GMT Date: Sun, 05 Feb 2023 19:07:35 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg	34.120.237.76	200 OK	7.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.3 kB (7288 bytes) Hash b1092c4dd4d9ca4d09462ae46e1dd7c1 17444ff60be1afbc40d3653fa936f9eaf9478068 ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7288 x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f1WrwH-iIAMFyhQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 21:43:26 GMT etag: "17444ff60be1afbc40d3653fa936f9eaf9478068" content-type: image/jpeg age: 77049 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg	34.120.237.76	200 OK	8.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.5 kB (8527 bytes) Hash 6661b7263315f5eb3cd2465f671e1fcd b7b5831c6b3ccc41d7a980b6088adc10ff8785f1 eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8527 x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyDqqGg5oAMFV-A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:05:45 GMT age: 75710 etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (5014 bytes) Hash 5b6c30ad03669b66bf2f63b3edd69882 e630bd132b52b965a5ade646ea8a165d1abf6d7b f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5014 x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fi3bIE0aoAMF6YQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 11:24:01 GMT age: 27814 etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10905 bytes) Hash 1a4eed23b240d04a3cd6b085cfa93375 f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00 93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10905 x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmNJCEDzIAMFmxA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:09:58 GMT age: 75457 etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12967 bytes) Hash 8e0be7db14d930d6227443314bcd1747 4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12967 x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fpIQAFCMIAMF0Sw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 03:42:59 GMT age: 55476 etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg	34.120.237.76	200 OK	3.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.5 kB (3474 bytes) Hash d7a466d89c75ff3459b7328591db52cf c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3474 x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f1WXEEbnoAMFRdg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 21:51:26 GMT age: 76569 etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /redirect/46x50/https:/xpshort.com/cjdGtmi HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2`

	justpaste.it/build/redirect.dc869a83.css	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/build/redirect.dc869a83.css IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /build/redirect.dc869a83.css HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: text/css vary: Accept-Encoding last-modified: Wed, 07 Jul 2021 15:27:45 GMT etag: W/"60e5c7f1-19a" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	justpaste.it/build/runtime.916dd5c0.js	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/build/runtime.916dd5c0.js IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /build/runtime.916dd5c0.js HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Mon, 11 Apr 2022 09:06:15 GMT etag: W/"6253ef87-8b6" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	justpaste.it/build/3935.56b43c79.js	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/build/3935.56b43c79.js IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /build/3935.56b43c79.js HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Mon, 19 Dec 2022 08:29:57 GMT etag: W/"63a02105-30f08" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	justpaste.it/build/linkRedirect.ccbf3d4f.js	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/build/linkRedirect.ccbf3d4f.js IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /build/linkRedirect.ccbf3d4f.js HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Wed, 01 Feb 2023 09:02:42 GMT etag: W/"63da2ab2-518" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	justpaste.it/build/6594.83d6202c.css	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/build/6594.83d6202c.css IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /build/6594.83d6202c.css HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: text/css vary: Accept-Encoding last-modified: Wed, 16 Nov 2022 16:31:11 GMT etag: W/"6375104f-13e6e" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	justpaste.it/build/2956.2bf36cb8.js	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/build/2956.2bf36cb8.js IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /build/2956.2bf36cb8.js HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Wed, 01 Feb 2023 09:02:42 GMT etag: W/"63da2ab2-dadc" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	justpaste.it/build/mainpanelwidget.33cbb098.js	146.59.111.145	200 OK	0 B
URL HTTP/2 justpaste.it/build/mainpanelwidget.33cbb098.js IP 146.59.111.145:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash HTTP Headers `GET /build/mainpanelwidget.33cbb098.js HTTP/1.1 Host: justpaste.it User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://justpaste.it/redirect/46x50/https:/xpshort.com/cjdGtmi Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 19:07:33 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Wed, 01 Feb 2023 09:02:42 GMT etag: W/"63da2ab2-3e18" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: origin-when-cross-origin cache-control: public, max-age=2592000, no-transform, immutable x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (31)

URL HTTP/1.1

IP

ASN

File type